Enabling trusted commerce and protecting customers

The Visa Intelligent Security framework offers our ecosystem partners dynamic, data-rich solutions that help balance fraud reduction and dispute prevention. The Intelligent Security framework spans the entire transaction lifecycle:

• Account Onboarding and Management: Visa provides financial institutions with tools to identify identity fraud at account opening, and through our financial institution clients, Visa provides consumer tools to manage security, including restrictions on account use and customizing alerts.
• Consumer Identity and Authentication: We use artificial intelligence-powered authentication strategies to prevent unauthorized access to Visa accounts.
• Transaction Authorization: We use tools such as Visa Advanced Authorization, which applies real-time artificial intelligence and machine learning to evaluate the trustworthiness of transactions to prevent fraud without inconveniencing consumers.
• Dispute Management: We help consumers and issuers to proactively address transaction disputes through Visa tools such as Verifi, which provides issuers and customers access to transaction information from sellers via a global data-sharing network.
• Performance Optimization: An important piece of the Visa Intelligent Security strategy is our commitment to enhancing payment performance by reducing fraud and increasing efficiency.

Visa helped prevent an estimated $27 billion in fraud in 2022.

We leverage the following components to enact our cybersecurity strategy across the business:

• Policy and Training: Visa’s cybersecurity policy framework, the Key Controls, details our approach to protecting our information and technology assets, including the safe handling of consumer nonpublic personal information. We provide new employees with security awareness training and conduct annual Key Controls training for all staff, to promote good cyber-hygiene and familiarity with Visa processes and tools.
• Adaptive Resiliency: We regularly conduct cross-functional response and resiliency exercises involving multiple internal teams as well as external partners and agencies. We further evolved the Visa Cyber Fusion Framework to drive an active and adaptive global Cyber Defense capability. This capability allows us to meet the increasing threat landscape through the ability to rapidly collect, analyze and use cyber threat intelligence while providing continuous real-time validation of our security tools and assets.
• Audit and Third-Party Certifications: To promote the effectiveness of our cybersecurity approach and systems, we conduct multiple internal and external audits of our IT infrastructure and applications every year. These systems also are subject to examination by the Federal Banking Agencies and other regulators from across the globe. Examples of external reviews include: Payment Card Industry Data Security Standard, Statement on Standards for Attestation Engagements (SSAE-18) and International Standard on Assurance Engagements 3402.

Building trust begins with a commitment to privacy and security, which instills confidence in our employees and clients, protects our brand and allows us to innovate responsibly. We also recognize that data is a powerful tool that can fuel innovation, improve customer experiences, safeguard consumers from fraud and deliver new value to consumers. 

Our focus is simple: to use the data entrusted to us in a responsible manner to benefit consumers and help businesses and economies grow. We embed these and other practices through a robust privacy program that allows us to measure and monitor organizational practices. We strive to be transparent about our data practices. To learn more about how Visa collects, uses and shares Personal Information, as well as the privacy choices we offer, please refer to our Visa Global Privacy Notice.

Visa’s Global Privacy Office, composed of dozens of privacy professionals around the world, is led by Visa’s Chief Privacy Officer and closely coordinates with several cross-functional teams and governance bodies, including the Cybersecurity team and Global Data Office. 

The Corporate Risk Committee and the Visa Inc. Audit and Risk Committee oversee the Global Privacy Program and the risks related to data privacy, including our compliance with current and emerging data protection laws around the world.

Visa connects the world through the most innovative, reliable and secure payments network—enabling individuals, businesses and economies to thrive. Visa is committed to maintaining the integrity of our payment system. We do not tolerate the use of our network and products for illegal activity, and we are vigilant in our efforts to deter illegal activity on our network.

The Visa Integrity Risk Program establishes a set of ecosystem controls, requirements and capabilities that seek to deter, detect and remediate noncompliant transactions across our network. This framework helps network participants that support merchants in legal businesses that are at higher risk for illicit activity maintain proper controls and oversight processes to identify and deter unlawful transactions from entering the Visa payment system.

As part of the Program, Visa:

• Maintains registration requirements for acquirers and merchants, pursuant to which acquirers attest to their merchants’ compliance with our standards.
• Provides acquirers guidance and direction on controls to help comply with Visa’s rules.
  
• Proactively monitors participant transaction activity via machine- learning solutions.
  
• Works with acquirers to identify and terminate merchants that are selling illegal items and services.
• Engages with law enforcement to stay abreast of ecosystem risks.
• Supports industry and cross-industry organizations and initiatives such as the Financial Coalition Against Child Sexual Exploitation, a joint initiative of the International Centre for Missing & Exploited Children and the National Center for Missing & Exploited Children, and the Internet Watch Foundation.
• Combats counterfeiting and piracy in partnership with the International Anti-Counterfeiting Coalition.